Victor Zverovich
e60274b29c
Run lint workflow on all PRs to fix stuck required checks
...
The lint workflow was path-filtered to source files, so PRs that didn't
touch them never ran clang-format/cmake-format. Since those checks are
required, such PRs were blocked forever waiting for a status that never
came. Drop the paths filter so the workflow always reports a status.
2026-06-09 15:56:50 +02:00
Victor Zverovich
87bb05d3b2
Fix release workflow startup failure from insufficient permissions
...
The provenance job called the SLSA generator with contents: read, but the
generator's upload-assets job declares contents: write. A reusable
workflow's job permissions may not exceed the caller's, so GitHub failed
the run at startup. Grant contents: write; the upload-assets job is still
skipped at runtime since upload-assets is false.
2026-06-09 15:48:28 +02:00
Victor Zverovich
1ccba0cf80
Attach SLSA provenance to the draft instead of a new release
...
With upload-assets the SLSA generator created and published its own
release (and tag) to host the attestation, duplicating the draft. Disable
upload-assets and add a job that downloads the provenance artifact and
attaches it to the draft alongside the source zip.
2026-06-09 06:23:34 +02:00
Victor Zverovich
841040e781
Attach release artifacts to draft via workflow_dispatch
...
Draft releases do not fire the `release: created` event, so the release
workflow never ran and the source zip and SLSA provenance were not
attached to the draft. Trigger the workflow explicitly from release.py
via workflow_dispatch, passing the tag to attach to and the ref to build
from, and resolve the tag/ref in the workflow for both event types.
2026-06-08 07:48:52 +02:00
dependabot[bot]
57563a7ebd
Bump github/codeql-action from 4.35.1 to 4.36.1 ( #4793 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.35.1 to 4.36.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c10b8064de...87557b9c84
2026-06-02 15:15:23 -07:00
dependabot[bot]
a597d06854
Bump slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml ( #4792 )
...
Bumps [slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml](https://github.com/slsa-framework/slsa-github-generator ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml
dependency-version: 2.1.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-02 15:14:38 -07:00
Victor Zverovich
b6248c5bc0
Fix doc deploy condition for main branch
2026-06-01 15:22:36 -07:00
Victor Zverovich
6b2d7f9726
Rename CIFuzz workflow to fuzz
...
Match the naming convention used by the other workflows: lowercase,
single-word names that describe what the workflow does rather than the
tool it uses. Also rename the job from Fuzzing to fuzz for consistency.
2026-06-01 12:03:52 -07:00
Victor Zverovich
2538c89e71
Scope CodeQL write permissions to the analyze job
2026-06-01 10:53:29 -07:00
Victor Zverovich
b18919cb38
Clean up supply-chain workflow
2026-06-01 10:22:33 -07:00
Victor Zverovich
3046d2ca7e
Add CodeQL workflow
2026-06-01 09:31:01 -07:00
Victor Zverovich
95390170a9
Rename scorecard workflow to supply-chain
2026-06-01 08:54:54 -07:00
Victor Zverovich
1f0533a923
Pin clang-20 install
...
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-31 21:23:21 -07:00
Victor Zverovich
e48f8a9070
Pin clang-format install
...
Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-31 20:56:33 -07:00
Victor Zverovich
6a1d56c425
Pin doc deps
2026-05-31 20:14:10 -07:00
Victor Zverovich
49780cabbe
Pin deps
2026-05-31 19:10:01 -07:00
Victor Zverovich
a9e889e161
Build release artifacts and SLSA provenance in CI
...
Adds .github/workflows/release.yml, triggered on `release: created`, which:
- checks out the release's target_commitish,
- builds the source zip via CMake/CPack (`package_source`),
- uploads the zip to the draft release,
- calls slsa-framework/slsa-github-generator to produce a
SLSA v1.0 *.intoto.jsonl provenance file and attach it to the
same draft release.
After CI completes, the draft has both the zip and the provenance attached,
and the maintainer reviews and publishes as before.
Updates support/release.py to stop building and uploading the zip locally;
that work has moved to CI so the SLSA provenance attests to the actual
build environment that produced the artifact, not to a hash observed
after the fact. The script still builds docs locally because the
subsequent mkdocs deploy step depends on them.
2026-05-31 18:16:07 -07:00
Victor Zverovich
d079860923
Remove a temporary workflow
2026-05-31 18:15:24 -07:00
Victor Zverovich
da081318af
Add workflow_dispatch trigger to scorecard.yml
2026-05-31 15:01:24 -07:00
Victor Zverovich
2a24d1ae2e
Add a temporary workflow to backfill SLSA provenance for existing releases
2026-05-31 09:16:32 -07:00
Victor Zverovich
7aabdcf0ba
Workaround apt-add-repository timeouts
2026-05-03 07:25:47 -07:00
Victor Zverovich
382609a920
Cleanup module test and CI config
2026-04-14 12:30:21 -07:00
Mathew Benson
8783c3c2d4
enable fmt_module tests by updating module-test.cc ( #4702 )
...
- Update g++ module testing to use g++ version 15 instead of 14.
The module support in version 14 isn't very stable and the module
testing was not working due to unresolved locale symbols.
- Update CI for linux and macos to add verbosity so its consistent with
windows.
- Refactor test/CMakeLists.txt to enable testing for modules
- The tests in `module-test.cc` seem to not have been updated in some
time despite changes in the main library.
- Wide String versions of several tests appear to be deprecated so have
been removed.
- Refactored tests related to `fmt::format_args` that now requires lvalue
references as opposed to direct values.
- Remove the none-working code identified in the `module-test.cc` file
while updating.
2026-04-12 10:07:16 -07:00
Victor Zverovich
907f002f8e
Cleanup CI
2026-04-02 16:30:52 -07:00
dependabot[bot]
579587bee3
Bump github/codeql-action from 4.32.0 to 4.35.1 ( #4727 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.32.0 to 4.35.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b20883b0cd...c10b8064de
2026-04-02 15:20:10 -07:00
Victor Zverovich
8572a24603
Cleanup CI config
2026-04-02 15:04:00 -07:00
Mathew Benson
cdb8dc76d9
Add C++-Modules Based Linux CI workflow ( #4708 )
...
- This adds a set of CI tests for linux that include compilers that
support modules
- This CI workflow uses ninja as the build system generator
- Can be integrated with the other linux workflow after successful
testing
Co-authored-by: Mathew Benson <mathew@benson.co.ke>
2026-03-28 09:45:56 -07:00
Victor Zverovich
dc05bee307
Don't assume nul termination in printf
...
Thanks ZUENS2020 for reporting.
2026-03-23 13:28:26 -07:00
Victor Zverovich
7733f4c136
Add cmake-format job
2026-03-14 13:51:29 -07:00
Victor Zverovich
04434416a4
Remove unnecessary CI change
2026-03-03 12:35:39 -08:00
dependabot[bot]
fca0445565
Bump actions/upload-artifact from 6.0.0 to 7.0.0 ( #4691 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](b7c566a772...bbbca2ddaa
2026-03-01 13:06:20 -08:00
Victor Zverovich
88c5a91487
Fix CI ( #4690 )
2026-02-28 08:37:13 -08:00
dependabot[bot]
afd51d1041
Bump github/codeql-action from 4.31.2 to 4.32.0 ( #4664 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 4.31.2 to 4.32.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0499de31b9...b20883b0cd
2026-02-01 08:21:38 -08:00
dependabot[bot]
bf3babfd7c
Bump actions/upload-artifact from 5.0.0 to 6.0.0 ( #4642 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](330a01c490...b7c566a772
2026-01-01 13:10:42 -08:00
Zephyr Lykos
7bce22571a
Make it work on newer mkdocstrings, fix deprecation warnings ( #4626 )
...
* Make it work on newer mkdocstrings, fix deprecation warnings
* Bump documentation dependency versions
2025-12-14 08:36:41 -08:00
dependabot[bot]
d6712ff2c0
Bump actions/checkout from 5.0.0 to 6.0.0 ( #4621 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68
2025-12-01 09:04:20 -08:00
Victor Zverovich
5bc56e24a9
Update clang-format to version 21
2025-11-28 20:05:18 -08:00
Victor Zverovich
62f57b2496
Fix the macOS build
2025-11-04 09:12:57 -10:00
dependabot[bot]
a195dd6b37
Bump github/codeql-action from 3.30.5 to 4.31.2 ( #4599 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.30.5 to 4.31.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3599b3baa1...0499de31b9
2025-11-03 08:53:27 -08:00
dependabot[bot]
b6cd356196
Bump actions/upload-artifact from 4.6.0 to 5.0.0 ( #4598 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.6.0 to 5.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](65c4c4a1dd...330a01c490
2025-11-01 09:39:15 -07:00
dependabot[bot]
d13e5d048d
Bump github/codeql-action from 3.29.7 to 3.30.5 ( #4558 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.7 to 3.30.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](51f77329af...3599b3baa1
2025-10-02 06:08:07 -07:00
dependabot[bot]
f17b9aa44c
Bump actions/checkout from 4.2.0 to 5.0.0 ( #4523 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...08c6903cd8
2025-09-02 09:04:42 -07:00
dependabot[bot]
814f51eab6
Bump github/codeql-action from 3.28.16 to 3.29.5 ( #4510 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.16 to 3.29.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...51f77329af
2025-08-01 11:52:42 -07:00
dependabot[bot]
fc8d07cfe5
Bump msys2/setup-msys2 from 2.27.0 to 2.28.0 ( #4485 )
...
Bumps [msys2/setup-msys2](https://github.com/msys2/setup-msys2 ) from 2.27.0 to 2.28.0.
- [Release notes](https://github.com/msys2/setup-msys2/releases )
- [Changelog](https://github.com/msys2/setup-msys2/blob/main/CHANGELOG.md )
- [Commits](61f9e5e925...40677d36a5
2025-07-01 08:42:01 -07:00
Victor Zverovich
bc0193535a
Update image
2025-06-29 07:50:09 -07:00
dependabot[bot]
6332a38529
Bump ossf/scorecard-action from 2.4.0 to 2.4.2 ( #4462 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.4.0 to 2.4.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](62b2cac7ed...05b42c6244
2025-06-01 08:48:36 -07:00
dependabot[bot]
26d87edab1
Bump github/codeql-action from 3.28.13 to 3.28.16 ( #4432 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.28.13 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b549b9259...28deaeda66
2025-05-03 06:59:36 -07:00
Victor Zverovich
969d4aef60
Update doc image
2025-04-19 10:08:24 -07:00
Victor Zverovich
f470b9c566
Cleanup chrono tests and set consistent TZ
2025-04-12 09:12:49 -07:00
Victor Zverovich
b28214487d
Fix handling of %Z
2025-04-12 08:51:22 -07:00
